KVKK

  1. Purpose and Scope

JANAN'S Taah. Tic. Ltd. Şti. Personal Data Processing and Protection Policy (JANAN'S KVK Policy) regulates the principles adopted by JANAN'S for the protection and processing of personal data.

JANAN'S KVK Policy aims to provide guidance in terms of the implementation of the regulations set forth in the Personal Data Protection Law No. 6698 (KVKK) and the relevant legislation and to ensure that the KVKK compliance process is carried out meticulously.

  1. Aim

JANAN'S KVK Policy aims to provide guidance in terms of the implementation of the regulations set forth in the KVK Law and relevant legislation.

  1. Definitions

The definitions in JANAN'S Personal Data Protection Policy are listed below.

Personal Data

Any information relating to an identified or identifiable natural person.

 

Special Personal Data

Personal data that would cause discrimination if learned and are listed in a limited way in the Law. These are: race, ethnicity

Data regarding origin, political views, philosophical beliefs, dress code, association, foundation or union membership, health, sexual life, criminal convictions and security measures, biometric and genetic data

data.

 

Data Controller

The natural person, private law legal entity or public law legal entity who decides on the purposes and methods of processing personal data.

Data Processor

A natural or legal person who processes personal data on behalf of the data controller based on the authority granted by the data controller.

Contact Person

The natural person whose personal data is processed.

Explicit Consent

It is consent based on information and expressed with free will regarding a specific subject.

Electronic Media

Environments where personal data can be created, read, written and changed using electronic devices.

 

Non-Electronic Media

All printed, written, visual etc. media.

  •  

JANAN'S Personal Data Processing and Protection Policy

  •  

Personal Data Protection Authority

  •  

Personal Data Protection Board

  •  

Personal Data Protection Law No. 6698

  1. What Personal Data Do We Collect?

If you fill out the “Register” form to register on our website, your “name, surname, e-mail address, mobile phone” information,

If you shop through our website, your “name, surname, e-mail address, mobile phone, address, payment information, shopping history” information,

During your visit to our website, other traffic data such as your IP address and connection time may be collected.

  1. For What Purposes Do We Collect Your Personal Data?

We collect your personal data for the following purposes:

  • Managing information security processes

  • Conducting audit activities

  • Carrying out activities in accordance with legislation

  • Carrying out financial and accounting activities

  • Carrying out processes of loyalty to the Company/Product/Services

  • Monitoring and execution of legal affairs

  • Carrying out communication activities

  • Planning of human resources processes

  • Managing the purchasing processes of goods/services

  • Managing after-sales support processes for goods/services

  • Managing goods/service sales processes

  • Managing goods/service production and operation processes

  • Managing customer relationship management processes

  • Managing activities for customer satisfaction

  • Managing marketing analysis studies

  • Managing advertising/campaign/promotion processes

  • Managing contract processes

  • Follow up on requests/complaints

  • Managing investment processes

  • Providing information to authorized persons, institutions and organizations

  • Managing management activities

  • Creation and tracking of visitor records

  • Other legitimate purposes

  1. How Do We Collect Your Personal Data?

We collect your personal data through cookies when you visit our website, through the membership form you fill out if you become a member of our website, and through the form you fill out if you shop on our website.

By becoming a member of our website; your name, surname, mobile phone and e-mail address,

By shopping on our website, you share your name, surname, mobile phone, e-mail address, residential address, and payment information.

Through cookies; we can track your browsing information and usage history on the site in order to make our website more useful for you. Cookies make it easier for you to use the website by storing your preferences. You can always change your cookie preferences. However, if you remove cookies, our website may not function properly. For more detailed information, please review our Cookie Policy .

  1. How Do We Protect Your Personal Data?

In order to prevent unlawful disclosure, transfer, access or other security deficiencies that may occur, technical and administrative measures are taken by JANAN'S according to the nature of the personal data to be protected, within the possibilities.

  1. Administrative Measures

  • Determination of existing risks and threats: After determining whether personal data is special personal data, the level of confidentiality it requires due to its nature, the nature and nature of the damage that may arise for the relevant person in the event of a security breach, measures are taken to reduce or, if possible, eliminate these risks.

  • Training and awareness campaigns for employees: JANAN'S carries out training campaigns at regular intervals to enable employees to take first action against attacks that may harm personal data security and to develop their knowledge, skills and responsibilities regarding ensuring personal data security, even if they have limited knowledge about cyber security.

  • Determination of personal data security policies and procedures: JANAN'S determines the practices that must be implemented to ensure compliance with the Personal Data Protection Law, and these practices are regulated by internal policies.

  • Reducing personal data as much as possible: JANAN'S evaluates whether personal data is needed for processing purposes and ensures that personal data is deleted, destroyed or anonymized through the JANAN'S Personal Data Storage and Destruction Policy.

  • The obligation to inform the relevant persons is fulfilled.

  1. Technical Measures

  • Technical measures are taken by JANAN'S to the extent that technology allows, and the measures taken are updated and improved in parallel with the developments.

  • Personnel specialized in technical matters are employed.

  • Inspections are carried out at regular intervals to ensure the implementation of the measures taken.

  • Software and systems are installed to ensure security.

  • Access to personal data processed within JANAN'S is limited to the relevant employees in line with the determined processing purposes.

  • Penetration tests reveal risks, threats, vulnerabilities and gaps (if any) regarding information systems and take necessary precautions.

  • Hardware measures are taken to ensure the security of information systems against environmental threats. (Access control system that allows only authorized personnel to enter the system room)

  • Physical measures are taken to ensure the physical security of information systems (fire extinguishing systems, air conditioning systems, etc.).

  • JANAN'S takes the necessary measures to ensure that deleted personal data is inaccessible and non-reusable for the relevant users.

  • If personal data is obtained unlawfully by others, this situation is reported to the relevant person and institution.

  • Strong passwords are used in electronic environments where personal data is processed.

  • Secure record keeping (logging) systems are used in electronic environments where personal data is processed.

  • Data backup programs are used to ensure the safe storage of personal data.

  • Access to JANAN'S website is encrypted with the SHA256 RSA algorithm using the secure protocol (https://).

  1. Rights of the Data Subject

In accordance with Article 11 of the Personal Data Protection Law, the relevant person may make the following requests by applying to JANAN'S.

  • Learning whether personal data is being processed,

  • To request information regarding the processing of personal data,

  • To learn the purpose of processing personal data and whether they are used in accordance with their purpose,

  • To know the third parties to whom personal data is transferred, either domestically or abroad,

  • To request correction of personal data if it is processed incompletely or incorrectly,

  • Requesting the deletion or destruction of personal data within the framework of the conditions set out in Article 7 of the Personal Data Protection Law,

  • Requesting notification to third parties to whom personal data has been transferred in line with the request for correction or deletion of personal data,

  • To object to a result that is detrimental to the person concerned, as a result of the analysis of processed data exclusively through automated systems,

  • To request compensation in case of damages due to unlawful processing of personal data.

Upon the request of the relevant person, we undertake to delete personal data that we are not obliged to keep due to legal obligations or for which the periods specified in the law for storage have expired.

  1. Conditions for the Person to Apply to JANAN'S

You can submit your applications regarding your rights listed above to JANAN'S using the Data Owner Application Form,

-It should be sent with a wet signature and a photocopy of your ID to Çobançeşme Mh. Sanayi Cd. No:44/A Nish Istanbul D Blok, D:56 Bahçelievler/Istanbul.

-You can send it to us by sending it to info@janans.com from the e-mail address previously notified to JANAN'S by the relevant person and registered in our system.

JANAN'S, as the data controller, will finalize the request free of charge in accordance with Article 13 of the Personal Data Protection Law, as soon as possible and within 30 days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board may be charged.

In the application of the relevant person, in accordance with the Communiqué on the Procedures and Principles of Application to the Data Controller; name, surname, signature, Turkish identity number, nationality for foreigners, passport number or identity number if any, place of residence or workplace address for notification, e-mail address for notification if any, telephone and fax number and the subject of the request must be stated. The application must be related only to the relevant person. The person who will apply on behalf of someone else must have this authority documented with a special power of attorney. Applications from unauthorized third parties will not be taken into consideration.

JANAN'S may request information to determine whether the applicant is the owner of the personal data subject to the application. Information may be requested from the relevant person in order to finalize the application of the relevant person in accordance with the request. JANAN'S accepts the request of the relevant person or rejects it by explaining the reason and notifies the relevant person in writing or electronically.

  1. Commercial Electronic Messages

You can always withdraw your consent to commercial electronic messages that you gave when you became a member of our website.

  1. Links to Other Websites

JANAN'S is not responsible for the content and privacy practices of other websites linked to our website. Therefore, we recommend that you review the policies of these other websites.

  1. Topicality

JANAN'S Privacy Policy is published on the JANAN'S website www.janans.com and is accessible to personal data owners. In parallel with the changes to be made in the relevant legislation, the necessary updates and changes will be made to the JANAN'S Privacy Policy and made available to data owners.